== Adding Dependent Table Permissions (Expanded from the tutorial and not part of it) ==

+

+

It might be worth noting that if one is using dependent tables in a component, the permissions need to be extended to the dependent table's views. For example, if you had a component for making picture Galleries with pictures as Gallery Items, you would have views for Galleries, Gallery (Edit Form), GalleryItems,and GalleryItem (Edit Form).

+

+

Adding permissions to the Gallery views (Galleries and Gallery) would be the same as shown in the tutorial. To add the permissions to the Gallery Item views (GalleryItems and GalleryItem) is slightly different.

+

+

Assuming one wants the Gallery Items to have the same permissions as their parent Gallery (and not individual permissions for each item), the foreign key needs to be fed back to the getActions function.

Since this is the list view of the items contained in the gallery, the view gets items (plural). Their foreign keys are all the same though, so looking at the first one in the array gets the correct value.

The logic may be slightly different as well. For example, adding or deleting a Gallery Item is editing the Gallery, so it may be better to simply use core.edit for every action in the Gallery Items portion of the component.

+

+

Lastly, the permission code in the tutorial prevents the tasks from being completed. The views can still be loaded by direct url access as long as the user is logged into the back end and has access to the component. If there are actions that can be taken like using a media manager which may not require the form to be submitted, or if something confidential may be displayed, consider preventing the view with something like this for the dependent table (GalleryItems) where no action should be taken without edit permission:

"core.edit" (and core.add if you wish) are enforced in the sub-controller (NOT in the model). I don't know why this is so, but that's how other components do it. You need to add the following lines in the file: /admin/controllers/helloworld.php

Once you implement the changes above the tutorial should work as intended. (allowAdd should also be implemented to check for category permission at least, but since the author of the tutorial did not add a "core.add" action for the "message" section, I'll leave like it is.

Somehow the ACL doesn't work on Edit permission for me. It shows both Save & New and Save as Copy buttons when it has no create rights. Gone through the code twice, but cannot see anything wrong with it... Anybody else have same problem? --A2Ggeir 10:19, 6 December 2010 (UTC)

Did a little debug and it seems the values from function canDo() in Helper does not return the right values when it is in edit view.

Delet dosn't work

when you want to delete a message it goes wrong and the message appears:

500 - Es ist ein Fehler aufgetreten

Layout „default“ nicht gefunden

downt know why its not working... maybee some can check this out.

Greetz

Ok, so I have carefully followed the tutorial to here. What I need to know now is HOW do I allow a user who only has edit.own rights to get to the admin edit for the component??

I tried for a while to create an edit page on the front end, but no luck and no help. It occurred to me that perhaps if I could not bring the mountain to Mohammed, I could get Mohammed access to the mountain. But how to do it without making every user an administrator? Even a manager has too much other access.

Missing asset_id field

Adding Dependent Table Permissions (Expanded from the tutorial and not part of it)

It might be worth noting that if one is using dependent tables in a component, the permissions need to be extended to the dependent table's views. For example, if you had a component for making picture Galleries with pictures as Gallery Items, you would have views for Galleries, Gallery (Edit Form), GalleryItems,and GalleryItem (Edit Form).

Adding permissions to the Gallery views (Galleries and Gallery) would be the same as shown in the tutorial. To add the permissions to the Gallery Item views (GalleryItems and GalleryItem) is slightly different.

Assuming one wants the Gallery Items to have the same permissions as their parent Gallery (and not individual permissions for each item), the foreign key needs to be fed back to the getActions function.

In the GalleryItems view the statement would be:

$this->canDo = GalleryHelper::getActions($this->items[0]->gallery_id);
// gallery_id being the foreign key to the gallery table

Since this is the list view of the items contained in the gallery, the view gets items (plural). Their foreign keys are all the same though, so looking at the first one in the array gets the correct value.

The GalleryItem view, which only pulls up one item would be:

$this->canDo = GalleryHelper::getActions($this->item->gallery_id);

The logic may be slightly different as well. For example, adding or deleting a Gallery Item is editing the Gallery, so it may be better to simply use core.edit for every action in the Gallery Items portion of the component.

Lastly, the permission code in the tutorial prevents the tasks from being completed. The views can still be loaded by direct url access as long as the user is logged into the back end and has access to the component. If there are actions that can be taken like using a media manager which may not require the form to be submitted, or if something confidential may be displayed, consider preventing the view with something like this for the dependent table (GalleryItems) where no action should be taken without edit permission: